SNMP stops working after installing eDirectory 8.8 SP8 on Windows 2012

Document ID:7015746
Creation Date:06-Oct-2014
Modified Date:08-Oct-2014
- Micro Focus Products:
  eDirectory

Environment

NetIQ eDirectory 8.8 SP8

dssnmpsupport.exe

Situation

After installing eDirectory on Windows 2012 SNMP system traps are no longer seen.

After SNMP is setup and eDirectory is installed in a Japanese locale, logging into eDirectory results in an Error: -672 (No Access).

Resolution

In Windows 2012 the SNMP service is deprecated. Windows now uses the Common Information Model (CIM) which is supported by the Web-Management web services protocol and is implemented as Windows Remote Management. Further, Service hardening rules have been added for the SNMP services. By default, SNMP sub-agents will not be able to contact the SNMP master service as they could in Windows 2008.

More information can be found here:

http://support.microsoft.com/kb/2771908
http://technet.microsoft.com/en-us/library/hh831568.aspx

Solution:

1. First ensure that Interactive Services has been set to 0

C:\> REG ADD HKLM\SYSTEM\CurrentControlSet\Control\Windows /v NoInteractiveServices /t REG_DWORD /d 0x0 /f
C:\> sc config UI0Detect start= auto

Reboot the system.

2. As mentioned in the Microsoft TID a new utility has been created that will modify the service hardening and firewall rules so that the SA can contact eDirectory and send the traps. It is included in eDirectory from 8.8 SP8 onward. The utility, named dssnmpsupport.exe, can be found in the installation directory of eDirectory. Simply run the utility with no command line options and reboot the server.

This is now a mandatory step to get SNMP working with eDirectory on Windows 2012.